[Systems] SL Social Help and COPPA

Luke Faraone luke at faraone.cc
Mon Jun 15 02:59:50 EDT 2015


I think these are not issues that are productive to bring up on this
list. If you have concerns about SugarLabs legal compliance, we should
discuss them with our lawyers, rather than attempting to play amateur
attorney here.

On 14 June 2015 at 22:18, Sam P. <sam.parkinson3 at gmail.com> wrote:
> Hi Bernie,
>
> Sorry for the late reply.
>
> I'm not sure what your opinion is on this, but I would think that Social
> Help is "DIRECTED TO CHILDREN UNDER 13" considering we link to it within
> Sugar 0.106.
>
> I actually just mocked up something that uses the Discouse SSO api to use a
> different auth system.  It lets users choose their name and password and
> optionally give us their email.  That will probably fix the issue either
> way.
>
> Thanks,
> Sam
>
> On Sat, Jun 6, 2015 at 1:58 PM Bernie Innocenti <bernie at codewiz.org> wrote:
>>
>> On 05/31/2015 05:56 AM, Sam P. wrote:
>> > Hi,
>> >
>> > I was thinking a little more about the social help web service.  It is
>> > probably going to get a few sign ups from people under the age of 13
>> > years old (sugar's target market, right?).  It is also hosted on a
>> > server in the USA.  Therefore I think that means we need to make it
>> > comply with the COPPA [1].
>> >
>> > I'm completely at a loss of how to comply.  It appears that email
>> > addresses are classes as PII (personally identifying info), so require
>> > parental consent to be gather.  Discourse (the forum) software is
>> > practically inseparable from email addresses.  Requiring parental
>> > consent would wreck the whole social help experience (being able to
>> > quickly ask a question).
>> >
>> > Any ideas?
>>
>> My understanding of COPPA is that you only need to comply "if you
>> operate a commercial Web site or an online service DIRECTED TO CHILDREN
>> UNDER 13 that collects personal information from children or if you
>> operate a general audience Web site AND YOU HAVE ACTUAL KNOWLEDGE that
>> you are collecting personal information from children". (emphasis mine).
>>
>> So you should be fine if your service is not explicitly directed to
>> children or you have no actual knowledge that your users are children.
>> IANAL, but the fact that most websites in the US let me create an
>> account without checking my age suggests that this is how COPPA is being
>> interpreted by most site operators.
>>
>>
>> > Thanks,
>> > Sam
>> >
>> > [1]  http://coppa.org/
>> >
>> >
>> > _______________________________________________
>> > Systems mailing list
>> > Systems at lists.sugarlabs.org
>> > http://lists.sugarlabs.org/listinfo/systems
>> >
>>
>>
>> --
>>  _ // Bernie Innocenti
>>  \X/  http://codewiz.org
>
>
> _______________________________________________
> Systems mailing list
> Systems at lists.sugarlabs.org
> http://lists.sugarlabs.org/listinfo/systems
>



-- 
Luke Faraone;; Debian & Ubuntu Developer; Sugar Labs; MIT SIPB
lfaraone on irc.[freenode,oftc].net -- https://luke.wf/ohhello
PGP fprint: 5189 2A7D 16D0 49BB 046B  DC77 9732 5DD8 F9FD D506


More information about the Systems mailing list